WhatsApp Pay, India’s popular messaging service, WhatsApp’s payment solution has clarified in an update to its policy and FAQs that it does not share payment information with Facebook for commercial purposes.
Even as the social media giant Facebook CEO Mark Zuckerberg faced a panel of US lawmakers regarding his company’s policy regarding user data privacy protection, WhatsApp Pay once more surfaces in Indian media.
WhatsApp Pay was launched in February 2018 for a handful of users in the country as a beta version, stirring up the payments market. The app’s rival Paytm has been brimming with criticism for the payment app’s disregard for existing rules. Now, according to National Payments Corporation of India (NPCI)’s WhatsApp must follow all the regulations regarding user data privacy and payment policies.
Also, the Reserve Bank of India (RBI) has asked all payment platforms operating in India to ensure that all payment information remains inside the boundaries of India within six months.
Facebook’s recent turmoil, where Cambridge Analytica, a data analysis firm manipulated elections and events in several countries with the help of user data that became available to it inappropriately, has put WhatsApp under the radar too, since it was acquired by Facebook in 2014. Recently, WhatsApp Pay’s declaration in its payment policy about sharing user information with Facebook has been the talk of the media.
With that background, WhatsApp has updated the policy on its site. “Facebook does not use WhatsApp payment information for commercial purposes, it simply helps pass the necessary payment information to the bank partner and NPCI. In some cases, we may share limited data to help provide customer support to you or keep payments safe and secure,” it said. According to Livemint, a WhatsApp spokesperson confirmed the update but did not comment.
The fact that WhatsApp pay is still in beta mode could indicate that WhatsApp is either not ready to launch fully because of problems in its policy and its inability to get a full approval from concerned organizations. Moreover, WhatsApp is still looking for a person to lead its payment platform in India.
Meanwhile, NPCI has already released a circular that banks, if in transaction with third-party payment apps, like WhatsApp Pay or PhonePe, must have NPCI permission for sharing user data.
“The government should include the third-party data sharing under the proposed privacy act and it should clearly be part of the law making. Data privacy act is necessary and immediately necessary,” the Livemint quoted Subho Ray, president of Internet and Mobile Association of India (IAMAI).
Worldwide, European Union’s (EU) General Data Protection Regulation (GDPR), which is to be released next month, is being praised and recommended as a model for making laws protecting user data privacy. In the light of the Cambridge Analytica scam, global experts are saying that social media firms have been enjoying a lot of freedom when it comes to accessing and using user data.
Meanwhile, India is still expecting the draft for a data protection bill, which the government spoke of last July. The bill is supposed to headed by former Supreme Court justice B.N. Srikrishna, with a 10-member committee of experts.
“According to the IT Act, there are two restraints, among others, on how customer data can be handled in sensitive cases such as payments. One, the firm that is transferring the data to another company needs to ensure that company has the same, if not better, security standards as itself. Second, the company receiving the customer data can only use it in the specific, limited context. If WhatsApp, for instance, is transferring customer data on payments to Facebook, Facebook can only use it in the context of payments, and not for any other purpose,” the Livemint quoted Namita Viswanath, partner, IndusLaw.